Описание
A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an authenticated user, resulting in a session hijacking.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:wpn-xm:wpn-xm:0.8.6:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00052
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 2 лет назад
A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an authenticated user, resulting in a session hijacking.
EPSS
Процентиль: 16%
0.00052
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79